Qwest Offers “Long-Term” Fix To Code Red

DENVER, COLORADO, U.S.A., 2001 SEP 6 (NB) — By Dick Kelsey, Newsbytes. Qwest [NYSE:Q] DSL subscribers whose service was knocked out by the Code Red family of worms now have access to software designed to protect Cisco routers from the pesky invaders.

But users won’t be credited for lost service because a “criminal act” caused a non-Qwest product to go haywire, the company said today.

“Cisco has made a long-term solution available for affected customers who use either the Cisco 675 or 678 modem,” Qwest Communications said in an e-mail to its DSL (digital subscriber line) customers.

The software, downloadable from Qwest’s Web site or on a CD-ROM available by request, appears to be the long-term solution Qwest promised when the flare-up was at its peak last month.

At that time service to an undetermined number of Qwest DSL users was interrupted or knocked out altogether when the Code Red worm and its variant froze Cisco routers.

Some subscribers complained that downloading an earlier software fix to the Code Red invasion was too complicated, but the latest software is far less involved, said Qwest spokesman Chris Hardman.

“I can tell you that the early results are very promising as far as customers being able to download the software upgrade,” he said.

The company declined to disclose how many of its 364,000 DSL subscribers had Code Red-related service problems or are equipped with Cisco routers, but Hardman has said “the vast majority are not affected.”

Last month Qwest instructed users to close Port 80, which had remained open to allow Web servers to communicate with one another. Security experts say the open port gave Code Red and its successors an entry point but the worms cannot affect the modems once the port’s been closed.

Code Red, which first emerged on or about July 17, was written to infect only servers running the English language version of Microsoft’s Windows NT and Windows 2000 operating systems, security analysts found.

But soon Qwest DSL subscribers began complaining of service interruptions or outages, and the company later determined that the trouble was being caused by Code Red’s attacks on Cisco 675 and 678 routers.

Even though some subscribers were without DSL access for several days, Qwest will not offer a credit for lost service.

“Because the Code Red virus was caused by forces outside our control, (affecting) products not made by Qwest, we have no plans to give credits for a virus that was caused by a criminal act,” he said.

Qwest said that subscribers who carried out the port closure should also install the new software.

Qwest is at http://www.qwest.com




Share this